This learning path has been designed to help you meet some of the compliance needs of GDPR using specific compliance enabling services offered by AWS. Using a combination of these services and various security, auditing, alerting, monitoring and reporting features, you will understand how to enforce stringent security processes aligning to compliance controls required when storing personal data. You will be introduced to five different services allowing you to understand what they are used for and how to configure them, as well as an awareness of all of their features to help you implement and maintain your own levels of security at different levels as required. These services include:
- AWS CloudTrail
- Amazon Macie
- Amazon GuardDuty
- AWS Config
- Amazon Inspector
This learning path is intended for anyone who is responsible for maintaing security and complaince to meet specific regulations and controls, including those requried by GDPR
This learning path will enable you to:
- Identify different AWS Services that can be used to enforce GDPR compliance to meet regulations
- Configure security services to allow you to meet both internal and external security requirements
- Implement security methods within your infrastructure to quickly identify potential threats to your resources and data
- Understand how to safeguard your data from accidental and unintended exposure
8 hours of high definition video, 2 hands on labs and a final exam.
It would be beneficial to have a basic awareness and understanding of the following AWS services:
- Simple Storage Service
- Identity and Access Management (specifically around policies)
- AWS CloudWatch
- Simple Notification Service
- Key Management Service
This learning path starts by outlining some of the basics surrounding GDPR and how it affects your business before introducing you to the different AWS services that can help you to enable complaince within your infrastructure.
AWS CloudTrail: The primary function of AWS CloudTrail is to record and track all AWS API requests made. These API calls can be programmatic requests initiated from a user using an SDK, the AWS command line interface, from within the AWS management console or even from a request made by another AWS service.
Amazon Macie: The main function of the service is to provide an automatic method of detecting, identifying, and also classifying data that you are storing within your AWS account.
Amazon GuardDuty: Aregional-based intelligent threat detection service which allows users to monitor their AWS account for unusual and unexpected behavior by analyzing AWS CloudTrail event logs, VPC flow logs, and DNS logs. It then uses the data from logs and assesses them against multiple security and threat detection feeds, looking for anomalies and known malicious sources, such as IP addresses and URLs.
AWS Config: Captures and tracks resource changes within your environment along with other useful metadata which is held within a file known as a configuration item, a CI.
Amazon Inspector: This is a managed service that is used to help you find security vulnerabilities within your EC2 instances and any applications running on them during any stage of development and deployment.
We welcome all feedback so if you are unsure about where to start or if would like help getting started please direct any comments or questions to us at firstname.lastname@example.org
Learning Path Steps
AWS CloudTrail Intermediate
Learn how to configure and use AWS CloudTrail and CloudWatch in cooperation with each other to monitor AWS infrastructure and services. Whenever an Instance is stopped or terminated and alarm will trigger (using AWS SNS) and deliver an email notification to...
AWS Config Intermediate
Compliance check using AWS Config Rules: See how AWS Config can enhance your security and compliance with AWS managed rules and custom rules with AWS Lambda
Exam: GDPR - Using AWS Compliance Enabling Services
About the Author
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 50+ courses relating to Cloud, most within the AWS category with a heavy focus on security and compliance
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.